NotCVE - vendor:"Microsoft" product:".net" version:" >= 7.0.0

Page 4 of 29 results (0.017 seconds)

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-35391 – ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2023-35391

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391 •

CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0

CVE-2023-35390 – .NET and Visual Studio Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-35390

.NET and Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de .NET y Visual Studio A vulnerability was found in dotnet. This issue exists when some dotnet commands are used in directories with weaker permissions, which can result in remote code execution. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390 https://access.redhat.com/security/cve/CVE-2023-35390 https://bugzilla.redhat.com/show_bug.cgi?id=2228622 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-33170 – ASP.NET and Visual Studio Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2023-33170

ASP.NET and Visual Studio Security Feature Bypass Vulnerability A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on confidentiality, integrity, and availability. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2023-33127 – .NET and Visual Studio Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2023-33127

.NET and Visual Studio Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127 • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 7.8EPSS: 0%CPEs: 86EXPL: 0

CVE-2023-24895 – .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-24895

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895 •

1 2 3 4 5